Microsoft Authenticator to nuke Entra creds on rooted and jailbroken phones

Warning, lockout, then wipe if your device trips detection

The Register

Microsoft is removing Entra credentials for school and work from jailbroken and rooted devices running iOS and Android.

The process is automatic and there is no opt-out. If Microsoft Authenticator detects that a device has been jailbroken or rooted, it will first display a warning, then block access, and finally wipe credentials. The procedure is already underway for Android devices, and iOS devices will follow in April 2026.

If all goes to plan, Microsoft will complete the process by July 2026. The app will warn, block, and wipe data "during any interactive operation that involves a work or school account in Microsoft Authenticator."

There is an argument that an employer should provide employees with suitably locked-down devices anyway, and a jailbroken or rooted device might allow apps to cause all sorts of mischief that could bypass Microsoft's security controls and cause multi-factor authentication (MFA) headaches.

However, there are also good reasons to use a device – particularly an Android – that qualifies as jailbroken or rooted. There is plenty of software that only works on devices no longer solely part of a given vendor's ecosystem, although it is important to understand the risks involved.

After receiving the warning, one user remarked: "Disabling the hardened memory allocator for the app got rid of it having an issue with the device."

"Microsoft Authenticator is not officially supported on GrapheneOS and Entra accounts may be impacted in the future on devices running GrapheneOS that are detected as rooted," a Microsoft spokesperson said. "Microsoft uses a range of local health and anti‑tampering checks to detect rooted or jailbroken devices. As new threats emerge, these protections are continuously updated. To help limit circumvention and maintain effectiveness, Microsoft does not publicly disclose specific detection methods."

Microsoft first warned customers last year that the Authocalypse was coming for jailbroken or rooted devices. In response to a post reminding users that the effort was underway, another observer said: "So, the quickest way to clean up tens of M365 accounts that were 'restored' to a new phone (and completely broken) would actually be to root my Pixel?"

Perhaps not quite what Microsoft had in mind. ®